def test_permission_for_user_himself(self):
queue = QueueFactory(creator=self.user)
count = 3
members = [UserFactory() for _ in range(count)]
for member in members:
password = fuzzy.FuzzyText().fuzz()
member.set_password(password)
member.save()
token = self.client.post(reverse('api_auth_login_api_view'), data={
'username': member.username,
'password': password
}).json()['key']
res = self.client.put(
reverse(
'api_queue_add_member_api_view',
kwargs={'pk': str(queue.id)}
),
data={'userId': member.id}, content_type='application/json',
HTTP_AUTHORIZATION=self._get_auth_header(token)
)
self.assertEqual(res.status_code, status.HTTP_200_OK)
queue.refresh_from_db()
self.assertEqual(len(queue.members), count)
def test_skip_turn_operation(self):
queue = QueueFactory(creator=self.user)
user_1, user_2 = UserFactory(), UserFactory()
def _skip_turn(user):
res = self.client.put(
reverse('api_queue_skip_turn_api_view', kwargs={'pk': str(queue.id)}),
data={
'userId': str(user.id)
},
content_type='application/json',
HTTP_AUTHORIZATION=self.access_header
)
self.assertEqual(res.status_code, status.HTTP_200_OK)
queue.refresh_from_db()
_skip_turn(user_1)
self.assertEqual(queue.members, [])
queue.push_member(str(user_1.id))
queue.save()
for user in (user_1, user_2):
_skip_turn(user)
self.assertEqual(queue.members, [str(user_1.id)])
_skip_turn(user_1)
self.assertEqual(queue.members, [str(user_1.id)])
queue.push_member(str(user_2.id))
queue.save()
_skip_turn(user_2)
self.assertEqual(queue.members, [str(user_2.id), str(user_1.id)])
_skip_turn(user_1)
self.assertEqual(queue.members, [str(user_1.id), str(user_2.id)])
def test_update_queue(self):
queue = QueueFactory(creator=self.user)
new_name = fuzzy.FuzzyText().fuzz()
res = self.client.patch(
reverse(
'api_queue_retrieve_update_destroy_api_view',
kwargs={'pk': str(queue.id)}
), data={'name': new_name}, content_type='application/json',
HTTP_AUTHORIZATION=self.access_header
)
self.assertEqual(res.status_code, status.HTTP_200_OK)
queue.refresh_from_db()
self.assertEqual(queue.name, new_name)
self.assertEqual(res.json()['name'], new_name)
def test_pagination(self):
count = 50
QueueFactory.create_batch(count, creator=self.user)
for limit in range(1, count + 10):
res = self.client.get(
reverse('api_queue_list_create_api_view'),
data={'limit': limit},
HTTP_AUTHORIZATION=self.access_header
)
self.assertEqual(res.status_code, status.HTTP_200_OK)
self.assertEqual(len(res.json()['results']), min(limit, count))
for offset in range(count + 1):
res = self.client.get(
reverse('api_queue_list_create_api_view'),
data={'limit': count, 'offset': offset},
HTTP_AUTHORIZATION=self.access_header
)
self.assertEqual(res.status_code, status.HTTP_200_OK)
self.assertEqual(len(res.json()['results']), count - offset)
def test_delete_queue(self):
queue = QueueFactory(creator=self.user)
res = self.client.delete(
reverse(
'api_queue_retrieve_update_destroy_api_view',
kwargs={'pk': str(queue.id)}
),
HTTP_AUTHORIZATION=self.access_header
)
self.assertEqual(res.status_code, status.HTTP_204_NO_CONTENT)
self.assertEqual(Queue.objects.count(), 0)
def test_filters(self):
user = UserFactory()
queue_1 = QueueFactory(creator=self.user)
queue_2 = QueueFactory(creator=user)
for filters, queue in (
({
'id': str(queue_1.id),
'name': queue_1.name,
'creatorId': str(self.user.id),
'creatorUsername': self.user.username
}, queue_1),
({
'id': str(queue_2.id),
'name': queue_2.name,
'creatorId': str(user.id),
'creatorUsername': user.username
}, queue_2)
):
res = self.client.get(
reverse('api_queue_list_create_api_view'),
data=filters,
HTTP_AUTHORIZATION=self.access_header
)
self.assertEqual(res.status_code, status.HTTP_200_OK)
res = res.json()
self.assertEqual(len(res), 1)
self.assertEqual(res[0]['id'], str(queue.id))
res = self.client.get(
reverse('api_queue_list_create_api_view'),
data={'name': FuzzyText().fuzz()},
HTTP_AUTHORIZATION=self.access_header
)
self.assertEqual(res.status_code, status.HTTP_200_OK)
self.assertEqual(len(res.json()), 0)
def test_get_queue_details(self):
queue = QueueFactory(creator=self.user)
response = self.client.get(reverse(
'api_queue_retrieve_update_destroy_api_view',
kwargs={'pk': str(queue.id)}
), HTTP_AUTHORIZATION=self.access_header)
self.assertEqual(response.status_code, status.HTTP_200_OK)
response = response.json()
for key in ('name', 'members'):
self.assertEqual(response[key], getattr(queue, key))
self.assertEqual(response['id'], str(queue.id))
self.assertEqual(response['isPrivate'], queue.is_private)
self.assertEqual(response['creator']['id'], str(self.user.id))
def test_check_permission(self):
queue = QueueFactory(creator=self.user)
count = 3
members = [UserFactory() for _ in range(count)]
for member in members:
res = self.client.put(
reverse(
'api_queue_add_member_api_view',
kwargs={'pk': str(queue.id)}
),
data={'userId': member.id}, content_type='application/json',
HTTP_AUTHORIZATION=self.access_header
)
self.assertEqual(res.status_code, status.HTTP_200_OK)
queue.refresh_from_db()
self.assertEqual(len(queue.members), count)
for i in range(count):
member = members[i]
member_request = members[(i + 1) % len(members)]
password = fuzzy.FuzzyText().fuzz()
member_request.set_password(password)
member_request.save()
key = self.client.post(reverse('api_auth_login_api_view'), data={
'username': member_request.username,
'password': password
}).json()['key']
res = self.client.put(
reverse(
'api_queue_remove_member_api_view',
kwargs={'pk': str(queue.id)}
), data={'userId': member.id}, content_type='application/json',
HTTP_AUTHORIZATION=self._get_auth_header(key)
)
self.assertEqual(res.status_code, status.HTTP_403_FORBIDDEN)
queue.refresh_from_db()
self.assertEqual(len(queue.members), count)
def test_member_operations(self):
queue = QueueFactory(creator=self.user)
count = 3
users = UserFactory.create_batch(count)
for user in users:
res = self.client.put(
reverse(
'api_queue_add_member_api_view',
kwargs={'pk': str(queue.id)}
),
data={'userId': str(user.id)}, content_type='application/json',
HTTP_AUTHORIZATION=self.access_header
)
self.assertEqual(res.status_code, status.HTTP_200_OK)
queue.refresh_from_db()
self.assertEqual(queue.members, list(map(lambda x: str(x.id), users[::-1])))
for user in users:
res = self.client.put(
reverse(
'api_queue_move_member_to_end_api_view',
kwargs={'pk': str(queue.id)}
), data={'userId': str(user.id)}, content_type='application/json',
HTTP_AUTHORIZATION=self.access_header
)
self.assertEqual(res.status_code, status.HTTP_200_OK)
queue.refresh_from_db()
self.assertEqual(queue.members[0], str(user.id))
queue.refresh_from_db()
self.assertEqual(queue.members, list(map(lambda x: str(x.id), users[::-1])))
queue.refresh_from_db()
self.assertEqual(queue.members, list(map(lambda x: str(x.id), users[::-1])))
for i in range(count):
user = users[i]
res = self.client.put(
reverse(
'api_queue_remove_member_api_view',
kwargs={'pk': str(queue.id)}
), data={'userId': str(user.id)}, content_type='application/json',
HTTP_AUTHORIZATION=self.access_header
)
self.assertEqual(res.status_code, status.HTTP_200_OK)
queue.refresh_from_db()
self.assertEqual(len(queue.members), count - i - 1)
def test_is_teacher_permissions(self):
user = UserFactory(is_teacher=True)
password = fuzzy.FuzzyText().fuzz()
user.set_password(password)
user.save()
key = self.client.post(reverse('api_auth_login_api_view'), data={
'username': user.username,
'password': password
}).json()['key']
queue = QueueFactory(creator=self.user)
for token in (self._get_auth_header(key), self.access_header):
res = self.client.put(
reverse(
'api_queue_add_member_api_view',
kwargs={'pk': str(queue.id)}
),
data={'userId': str(user.id)}, content_type='application/json',
HTTP_AUTHORIZATION=token
)
self.assertEqual(res.status_code, status.HTTP_403_FORBIDDEN)
user_1, user_2 = UserFactory(), UserFactory()
queue.push_member(str(user_1.id))
queue.push_member(str(user_2.id))
queue.save()
queue.refresh_from_db()
self.assertEqual(queue.members, [str(user_2.id), str(user_1.id)])
res = self.client.put(
reverse('api_queue_skip_turn_api_view', kwargs={'pk': str(queue.id)}),
data={
'userId': str(user_1.id)
},
content_type='application/json',
HTTP_AUTHORIZATION=self._get_auth_header(key)
)
self.assertEqual(res.status_code, status.HTTP_200_OK)
queue.refresh_from_db()
self.assertEqual(queue.members, [str(user_1.id), str(user_2.id)])
res = self.client.put(
reverse(
'api_queue_remove_member_api_view',
kwargs={'pk': str(queue.id)}
), data={'userId': str(user_2.id)}, content_type='application/json',
HTTP_AUTHORIZATION=self._get_auth_header(key)
)
self.assertEqual(res.status_code, status.HTTP_200_OK)
queue.refresh_from_db()
self.assertEqual(queue.members, [str(user_1.id)])